Do you know how to create a strong password?

Show of hands, who here has had experience getting hacked online? And who knows someone else that’s been hacked? And who’s seen stuff on Pinterest about how your friend supposedly lost all this weight with that AMAZING weight loss product, with an image that doesn’t even relate to that, posted on their Art and Design Reference board?

That, my friends, is a lot of hands.

I myself have been hacked three times in the past 10 years.

First, when I was living in Wisconsin in 2002, someone hacked my Paypal account and spent 1800 bucks buying a tv on eBay. Thankfully, no money came out of my pocket since I noticed and alerted everyone about the breach almost as soon as it happened. But it DID honk up my online banking/paypalling for a while as things got sorted out.

Second, an old iteration of my website was built using Zen-Cart, and my site got hacked. They lovingly left behind lots of spammy links in the footer for me. (This one didn’t actually happen because of my password, it was a breach in the site software.)

Third and most recently, Kristin Ausk of Meringue Bake Shop alerted me that my Pinterest account got hacked. It was the exact scenario described above. Just one little image with something about weight loss on one of my boards. But it got me seriously thinking about my online presence, my security, and most importantly my passwords.

That last hack was a  little disconcerting, because the password I used was really hard to guess. It was also the same password I was using across the board for lots and lots of sites. If the hacker was focusing on me instead of widespread spam posting of gimmicky weight loss products, he could have taken that hacked password and gotten into my email, my Paypal, my everything.

I say “he” because we all know my Nigerian prince is behind any and all hacking or scamming on the internet. He just can’t take no for an answer.

Scary, right?

My techie friend Alain gave me some really good advice on Facebook that I’ll share here in regards to how to create a strong password:

“Reset all your passwords but use a sentence instead of a word (real or made up). For example: “th1s<space>1s<space>f0n”. Spaces included. One word password is prone to dictionary based hacking whereas a sentence will take years to decrypt.”

“It is a pain but you don’t want your hard work to be taken over by a Nigerian prince looking to transfer his Gold billions, do you?”

I totally don’t!!! Another thing he mentioned:

” iPhone, Blackberry, Android have password management apps, if you want everything in one place”

And as we chatted about the Pinterest breach, I had a ridiculously Oprah a-ha moment.

DUH. I shouldn’t be using the same password for all my logins, no matter how hard it is. Cuz if one site gets hacked, it’s easy enough to figure out all the other sites I’m on. Look at that sidebar. There’s all my links right there. I’m obviously running a business, so it’s easy enough to rearume Paypal can be added to that list and boom. That’s a lot of potential damage.

So here’s what I did to go about creating new, stronger passwords.

1) I bought both a desktop computer version and iPhone version of DataVault Password Manager.. They’re each about 10 bucks, but totally worth it. And if you’re using it to keep track of passwords on sites where you do business, that’s a legit business expense. I bought the desktop computer version as well as the iphone datavault app because when I’m working at home, it’s nice and easy to have the program running so that anytime I have to log into email, twitter, etc, I just copy the password for that site from the program and paste it in the password field.

2) I started changing all of my passwords on all of the sites I’m on, so that no two websites have the same password. With the DataVault Password Manager software in place, I don’t have to remember all my passwords. I wanted them to be hard enough passwords where they couldn’t be cracked easily.

When I started to create my new stronger passwords, I made big long strings of nonsense letters, some are caps, some aren’t, spaces, symbols, numbers, the whole nine yards. Some websites don’t let you use spaces in passwords, so I made use of the dashes and underscores. None of my passwords have anything even remotely resembling a real word you can find in the dictionary.

I’m not kidding when I tell you I currently have no idea off the top of my head what my password on Facebook is. Or Twitter. Or Gmail, even. And I like it that way.

I hope that helps some of you get your passwords on lockdown so my Nigerian prince can’t have access!

What else can you do to protect your online presence?

Get signed up for our monthly maintenance subscription to keep your WordPress website up to date with the latest backups and security releases!